
Commit b2933f5

authored
bump trivy version to v0.51.1 (#353)
* bump trivy version to v0.51.1 * update tests
1 parent b2cd5ff commit b2933f5


5 files changed

+10
-9
lines changed


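--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -6,7 +6,7 @@ on:
 workflow_dispatch:
 
 env:
-TRIVY_VERSION: 0.50.2
+TRIVY_VERSION: 0.51.1
 BATS_LIB_PATH: '/usr/lib/'
 
 jobs: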

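--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ghcr.io/aquasecurity/trivy:0.50.2
+FROM ghcr.io/aquasecurity/trivy:0.51.1
 COPY entrypoint.sh /
 RUN apk --no-cache add bash curl npm
 RUN chmod +x /entrypoint.sh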
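Review bot: The new base reference `FROM ghcr.io/aquasecurity/trivy:0.51.1` is resolved by tag alone, so the action runs whatever the registry serves under that tag at build time. Pinning the digest as well, `FROM ghcr.io/aquasecurity/trivy:0.51.1@sha256:<digest-of-the-0.51.1-image>` (placeholder; take the real value from the registry), would make each bump an auditable change and keep rebuilds reproducible. The same version is also set separately as `TRIVY_VERSION` in `.github/workflows/test.yaml`, so a comment above the FROM line such as `# keep in sync with TRIVY_VERSION in .github/workflows/test.yaml` would help future bumps keep the two in step. The hunk shows only the first four lines, so the Dockerfile may continue past it.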

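--- a/test/data/image-scan/report
+++ b/test/data/image-scan/report
@@ -27,7 +27,7 @@ Total: 19 (CRITICAL: 19)
 │ │ CVE-2019-5481 │ │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5481 │
 │ ├────────────────┤ │ │ │ ├──────────────────────────────────────────────────────────────┤
-│ │ CVE-2019-5482 │ │ │ │ │ heap buffer overflow in function tftp_receive_packet()
+│ │ CVE-2019-5482 │ │ │ │ │ curl: heap buffer overflow in function tftp_receive_packet() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5482 │
 ├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
 │ git │ CVE-2018-17456 │ │ │ 2.15.2-r0 │ 2.15.3-r0 │ git: arbitrary code execution via .gitmodules │
@@ -58,7 +58,7 @@ Total: 19 (CRITICAL: 19)
 │ │ CVE-2019-5481 │ │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5481 │
 │ ├────────────────┤ │ │ │ ├──────────────────────────────────────────────────────────────┤
-│ │ CVE-2019-5482 │ │ │ │ │ heap buffer overflow in function tftp_receive_packet()
+│ │ CVE-2019-5482 │ │ │ │ │ curl: heap buffer overflow in function tftp_receive_packet() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5482 │
 ├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
 │ musl │ CVE-2019-14697 │ │ │ 1.1.18-r3 │ 1.1.18-r4 │ musl libc through 1.1.23 has an x87 floating-point stack │
@@ -69,7 +69,7 @@ Total: 19 (CRITICAL: 19)
 │ │ │ │ │ │ │ │
 │ │ │ │ │ │ │ │
 ├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
-│ sqlite-libs │ CVE-2019-8457 │ │ │ 3.21.0-r1 │ 3.25.3-r1 │ heap out-of-bound read in function rtreenode()
+│ sqlite-libs │ CVE-2019-8457 │ │ │ 3.21.0-r1 │ 3.25.3-r1 │ sqlite: heap out-of-bound read in function rtreenode() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-8457 │
 └─────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘
 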

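--- a/test/data/with-ignore-files/report
+++ b/test/data/with-ignore-files/report
@@ -27,7 +27,7 @@ Total: 19 (CRITICAL: 19)
 │ │ CVE-2019-5481 │ │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5481 │
 │ ├────────────────┤ │ │ │ ├──────────────────────────────────────────────────────────────┤
-│ │ CVE-2019-5482 │ │ │ │ │ heap buffer overflow in function tftp_receive_packet()
+│ │ CVE-2019-5482 │ │ │ │ │ curl: heap buffer overflow in function tftp_receive_packet() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5482 │
 ├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
 │ git │ CVE-2018-17456 │ │ │ 2.15.2-r0 │ 2.15.3-r0 │ git: arbitrary code execution via .gitmodules │
@@ -58,7 +58,7 @@ Total: 19 (CRITICAL: 19)
 │ │ CVE-2019-5481 │ │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5481 │
 │ ├────────────────┤ │ │ │ ├──────────────────────────────────────────────────────────────┤
-│ │ CVE-2019-5482 │ │ │ │ │ heap buffer overflow in function tftp_receive_packet()
+│ │ CVE-2019-5482 │ │ │ │ │ curl: heap buffer overflow in function tftp_receive_packet() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5482 │
 ├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
 │ musl │ CVE-2019-14697 │ │ │ 1.1.18-r3 │ 1.1.18-r4 │ musl libc through 1.1.23 has an x87 floating-point stack │
@@ -69,7 +69,7 @@ Total: 19 (CRITICAL: 19)
 │ │ │ │ │ │ │ │
 │ │ │ │ │ │ │ │
 ├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
-│ sqlite-libs │ CVE-2019-8457 │ │ │ 3.21.0-r1 │ 3.25.3-r1 │ heap out-of-bound read in function rtreenode()
+│ sqlite-libs │ CVE-2019-8457 │ │ │ 3.21.0-r1 │ 3.25.3-r1 │ sqlite: heap out-of-bound read in function rtreenode() │
 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-8457 │
 └─────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘
 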

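--- a/test/data/with-trivy-yaml-cfg/report.json
+++ b/test/data/with-trivy-yaml-cfg/report.json
@@ -64,7 +64,8 @@
 "PkgID": "[email protected]",
 "PkgName": "apk-tools",
 "PkgIdentifier": {
-"PURL": "pkg:apk/alpine/[email protected]?arch=x86_64\u0026distro=3.10.9"
+"PURL": "pkg:apk/alpine/[email protected]?arch=x86_64\u0026distro=3.10.9",
+"UID": "a6adb154870b6380"
 },
 "InstalledVersion": "2.10.6-r0",
 "FixedVersion": "2.10.7-r0",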
